Forums Help & support AxCrypt Portable – truly standalone? Reply To: AxCrypt Portable – truly standalone?

#6211 Reply

Hjalmar

I’ve had a look at the software and it’s very good. There’s quite a bit of redundant/old code but I know this is a natural part of software development.

I’ve noticed a few issues on inspection and I’m going to review everything when I have chance. I’d like to tell you of some things I came across. Sorry if these are already known to you; I’ve not looked through your full list on BitBucket.

Notepad Issue

1 – Create a file in Notepad
2 – Save the file as ‘Test.txt’ and quit notepad
3 – Drag into ‘Recent Files’
4 – Double click ‘Test.txt’ in ‘Recent Files’ to open
5 – File opens and red broom appears
6 – Close ‘Test.txt’ and file closes and red broom disappears

7 – Repeat process above but;
8 – Open a new instance of Notepad (at any time prior to step 6 above) and leave it open
9 – Close ‘Test.txt’ and file closes but red broom remains
10 – Close new instance of Notepad and red broom disappears

Paint Issue

1 – Create a file in Paint [pbrush.exe]
2 – Save it as ‘Test.png’ and quite paint
3 – Drag into ‘Recent Files’
4 – Double click ‘Test.png’ in ‘Recent Files’ to open
5 – File opens in ‘Photos’ [Windows 10] and red broom appears
6 – Close ‘Test.png’ and file closes but red broom remains
7 – You have to manually click the red broom to erase temporary data

Report Snapshot

1 – Reproducible when invoked with -offline switch
2 – Reproducible when ‘Always Offline’ set
3 – If file deleted it is recreated upon next program full reload
4 – If file is not deleted, no further entries are made
5 – Is AxCrypt trying to connect to service despite user setting offline option?
6 – Example below (date and time removed):

Axantum.AxCrypt.Common.OfflineApiException: Internet Unavailable GET https://account.axcrypt.net/api/global/apiversion
at Axantum.AxCrypt.Mono.RestCaller.<SendAsync>d__1.MoveNext()
— End of stack trace from previous location where exception was thrown —
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Axantum.AxCrypt.Api.ApiCaller.<RestAsync>d__1.MoveNext()
— End of stack trace from previous location where exception was thrown —
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Axantum.AxCrypt.Api.GlobalApiClient.<ApiVersionAsync>d__12.MoveNext()

Suggestions

1 – Add ‘Open With’ context menu in AxCrypt UX (upon right click) to allow file to be opened with non-default application
2 – Add ‘Anonymous Rename’ in AxCrypt UX (upon right click) as it’s quicker than using the ‘File’ menu
3 – You have to open file (once you’ve dragged it back into ‘Recent Files’) before AxCrypt will show the name of an Anonymously Renamed file
4 – Allow password change offline. Maybe only for ‘Always Offline’ users because of potential sync problems otherwise for Premium users where key files need to be uploaded to your servers
5 – ‘Export AxCrypt ID Secret and Sharing Key Pair’ encrypts that file with AxCrypt. Whilst the ‘Import AxCrypt ID with sharing and access keys’ is greyed out it’s non-intuitive to users (especially as the exported file doesn’t appear in ‘Recent Files’) that the file needs decrypting prior to use: unless when you activate this feature AxCrypt decrypts the file
6 – Is it necessary to encrypt the private key? The private key is unusable without the password. It’s a nice added level of security provided that this is explained to the user
7 – A lightbulb is non-intuitive for a ‘Check for updates’ option. Consider having an exclamation mark or another more representative icon. A lightbulb looks like a ‘Tip of the day’ that people will ignore
8 – “Your version is old. Please click to check for a newer version” lightbulb appears when in offline mode. Consider allowing the user to remove it via a menu option. They shouldn’t have to add a “LastUpdateCheckUtc” or “NewestKnownVersion” entry
9 – Re-order ‘Help’ menu so that ‘About’ is at the bottom – i.e. ‘View Help’, ‘Check for Update’, ‘About’
10 – Consider changing the ‘Password Reset’ name to ‘Destroy AxCrypt Account’ to make it clear to users that a password reset won’t give them access to their files; it’ll destroy their account and allow them to start afresh
11 – If a user activates debugging it appears to send information to the server by default. If this is so, consider having a ‘Send Debug Logs’ option instead
12 – Debug has ‘Check Version Now’ in addition to the ‘Help’ menu
13 – Have a warning upon clicking ‘Clear All Settings and Exit’. This can be done by mistake at the moment
14 – Upon first start consider re-phrasing “a real email address is required” or put a note in smaller text saying explicilty that they can enter a fake one. It also says “Click help for more information”. They can’t; it’s greyed out. Perhaps re-phrase to “Click the question mark for more information” or add a ‘Help’ button
15 – Upon first start allow the user to bypass the AxCrypt ID email address entry to allow them to import previous keys. The only way at the minute would be to manually copy the configuration files into the correct directory. Having an option to bypass the screen would also allow them to decrypt files without entering any details

Bugs

1 – Using Anonymous Rename causes file to disappear from ‘Recent Files’
2 – Secured Folders take a while to recognise/encrypt new files. The red broom (or quitting AxCrypt) forces the files to be encrypted immediately

3 – ‘Stop Securing’ feature doesn’t work properly in a Secured Folder. It will decrypt the file but as soon as the program is quit, or the red broom is clicked, the file will be encrypted again
4 – ‘Create AxCrypt ID’ is always greyed out. The only way to do this is delete the configuration files or by ‘Clear All Settings and Exit’

Dialogue Suggestions

1 – Maybe remove the word “also” from first paragraph

2 – “that it recognises” or “that are recognised” but not “that is recognized”

3 – “amongst” not “among”

4 – Last paragraph “where” not “were”

5 – Remove superfluous commas

These are only very minor corrections to make the interface clearer.

I also had a think about the licensing and it’d be very difficult to implement anything effective (even like PKI) because it could easily be removed. At least any bed people wouldn’t have access to the key sharing functionality (because that requires your servers) or the mobile apps (same reason). It also inconveniences them because they’d have to use the software offline most of the time. So perhaps it’s just right as it is.